summaryrefslogtreecommitdiff
path: root/strata/ntpd/ntpd.morph
blob: 762762c7a8d82a27f031fbe8ee8f65e5c0383722 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
name: ntpd
kind: chunk
build-system: autotools
configure-commands:
- ./configure --prefix="$PREFIX" --enable-linuxcaps
post-install-commands:
- |
  cat > ntpd.service << EOF
  [Unit]
  Description=Network Time Service
  After=network.target nss-lookup.target
  Conflicts=systemd-timesyncd.service

  [Service]
  Type=forking
  ExecStart=/usr/bin/ntpd -u ntp:ntp -Ng
  PrivateTmp=True
  Restart=on-failure

  [Install]
  WantedBy=multi-user.target
  EOF
- install -D -m 644 ntpd.service "$DESTDIR"/lib/systemd/system/ntpd.service
- mkdir -p "$DESTDIR"/lib/systemd/system/multi-user.target.wants
- ln -s /lib/systemd/system/ntpd.service  "$DESTDIR"/lib/systemd/system/multi-user.target.wants/ntpd.service
- |
  cat > ntp.conf << EOF
  # We use iburst here to reduce the potential initial delay to set the clock
  server 0.pool.ntp.org iburst
  server 1.pool.ntp.org iburst
  server 2.pool.ntp.org iburst
  server 3.pool.ntp.org iburst

  # kod - notify client when packets are denied service,
  # rather than just dropping the packets
  #
  # nomodify - deny queries which attempt to modify the state of the server
  #
  # notrap - decline to provide mode 6 control message trap service to
  # matching hosts
  #
  # see ntp.conf(5) for more details
  restrict -4 default limit kod notrap nomodify
  restrict -6 default limit kod notrap nomodify
  EOF
- install -D -m 644 ntp.conf "$DESTDIR"/etc/ntp.conf
system-integration:
  ntpd-misc:
    00-add-ntpd-user:
    - groupadd -r ntp
    - useradd -g ntp -d /home/ntp -s /bin/false -r ntp